TinTorch CRM
Sign inGet started
Legal

Privacy Policy

Effective date: 1 June 2025

1. Who we are

TinTorch CRM is a product of e10 infotech, a company registered in India. When this policy refers to "TinTorch," "we," "us," or "our," it means e10 infotech and its TinTorch CRM platform accessible at tintorch.com.

For privacy-related questions, contact us at privacy@tintorch.com.

2. Data we collect

We collect the following categories of personal data:

  • Account data: Name, email address, phone number, and password (hashed) provided during registration.
  • Profile and organization data: Company name, role, team size, and workspace settings.
  • Usage data: Pages visited, features used, click events, and session duration — collected via server logs and first-party analytics.
  • Contact data you import: Information about your leads and customers that you upload or sync into TinTorch, including names, emails, phone numbers, and custom fields.
  • Communications data: Email and WhatsApp message content sent through TinTorch channels.
  • Payment data: Billing name, address, and last-four card digits — full card data is processed by our payment provider and never stored on our servers.
  • Device and connection data: IP address, browser type, operating system, and device identifiers for security and fraud prevention.

3. How we use your data

We use your personal data to:

  • Provide, maintain, and improve the TinTorch service.
  • Process transactions and send billing-related communications.
  • Send product updates, security alerts, and support messages.
  • Respond to support requests and inquiries.
  • Detect, prevent, and investigate fraud, abuse, or security incidents.
  • Comply with legal obligations.
  • Analyze aggregate usage patterns to improve the platform (data is anonymized before analysis).

4. Legal basis for processing (GDPR)

For users in the European Economic Area, our legal bases are:

  • Contract performance: Processing necessary to deliver the service you signed up for.
  • Legitimate interests: Security monitoring, fraud prevention, and product improvement.
  • Legal obligation: Compliance with applicable laws and regulations.
  • Consent: Marketing emails — you may withdraw consent at any time.

5. Data sharing

We do not sell your personal data. We share data only in these circumstances:

  • Service providers: Trusted subprocessors (hosting, payment, email delivery, analytics) under data processing agreements.
  • Legal requirements: When required by law, court order, or to protect our rights or the safety of others.
  • Business transfers: In connection with a merger, acquisition, or sale of assets — you will be notified in advance.
  • With your consent: Any other sharing requires your explicit approval.

6. Data retention

We retain your account data for as long as your account is active or as needed to provide services. After account deletion, we purge personal data within 90 days, except where retention is required by law. Anonymized aggregate data may be retained indefinitely for analytics purposes.

7. Your rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: Withdraw consent for marketing communications at any time via the unsubscribe link in any email.

To exercise any of these rights, email privacy@tintorch.com. We will respond within 30 days.

8. Cookies

We use the following types of cookies:

  • Strictly necessary: Session authentication and security tokens. Cannot be disabled.
  • Functional: User preferences and workspace settings.
  • Analytics: First-party usage analytics to improve the product. No third-party tracking cookies.

9. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we encourage you to use strong, unique passwords and enable two-factor authentication.

10. International transfers

e10 infotech is incorporated in India. If you are located outside India, your data may be transferred to and processed in India. We use standard contractual clauses and equivalent safeguards for transfers to and from the EEA.

11. Children's privacy

TinTorch is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice in the application at least 30 days before they take effect. Your continued use of TinTorch after changes take effect constitutes your acceptance of the updated policy.

13. Contact

For privacy questions, rights requests, or data protection inquiries, contact:

e10 infotech

Privacy Team

privacy@tintorch.com

© 2026 e10 infotech. All rights reserved.